GET CERTIFIED

Certified EU Sarbanes-Oxley Expert (CEUSOE), distance learning and online certification program
Overview

The European Sarbanes-Oxley (the 8th company law directive, and some other European directives and regulations) was enacted to restore investor confidence in the European Union, after major corporate scandals in Europe (Adhold, Parmalat). As the US Sarbanes-Oxley Act was so successful in achieving its objectives, the European Union followed the same path, and it worked very well.

The Japanese Sarbanes-Oxley (Japan’s Financial Instruments and Exchange Law, and the amendments and guidelines that followed) was also enacted to restore investor confidence in Japan, after major corporate scandals in Japan (Kanebo, Livedoor). The Japanese approach was similar, they also followed the successful example of the US Sarbanes-Oxley Act, and it worked very well too.

In 2010, the Sarbanes-Oxley Compliance Professionals Association (SOXCPA) developed the first Certified EU Sarbanes-Oxley Expert (CEUSOE) program. It assisted CSOEs working for firms listed in the EU, and service providers. In 2014, we believed that there were so many developments in the EU, that the CEUSOE program should be written from the ground up. The SOXCPA did not offer the program from 2014 until the end of 2022.

In 2022, the SOXCPA decided to cover in the program many developments, including:
- the extraterritorial application of EU law,
- the EU adequacy decisions,
- the risk and compliance management challenges for firms established in non-EU countries and providing services to EU citizens,
- the new EU guidelines on outsourcing (governance, oversight and documentation, pre-outsourcing analysis and due diligence, contractual elements, information security, exit strategies, access and audit rights, sub-outsourcing, written notification to competent authorities, supervision of outsourcing arrangements).
- a general understanding of the new European directives and regulations (the NIS 2 Directive, the Digital Operational Resilience Act (DORA), the European Cyber Resilience Act).

The extraterritorial application of EU law is one amazing development. The terms ‘extraterritoriality’ and ‘extraterritorial jurisdiction’ refer to the competence of a country to extend its legal powers beyond its territorial boundaries, and to make, apply and enforce rules of conduct in respect of persons, property or events beyond its territory. 

The Sarbanes-Oxley Act of 2002, for example, applies to foreign auditors and foreign companies whose securities are listed in a US stock exchange.

Extraterritorial application of EU law is the application of EU provisions outside the territory of the EU, resulting from EU unilateral legislative and regulatory action.

For example, according to EU’s General Data Protection Regulation (GDPR), non-EU data controllers and processors in any country, must comply with the GDPR obligations, if they offer goods or services to individuals in the EU.

Anu Bradford, Professor of Law in Columbia Law School, is the author of the book “The Brussels Effect: How the European Union Rules the World” (2020), that was named one of the best books of 2020 by Foreign Affairs.

In 2012, she introduced the concept of the ‘Brussels Effect’, that describes Europe’s unilateral power to regulate global markets.

Anu Bradford explains why most global corporations choose to adopt the European laws, regulations and standards in the design and operation of their products and services.

The EU standards are generally stricter, and in most cases, when you comply with EU rules, you comply with laws and regulations around the world.

Even when this approach is more costly, global corporations prefer to have an enterprise-wide, single mode of production and operations, and to market their goods and services globally.

Following the doctrine "you comply with EU rules, you comply around the world", global corporations and service providers need professionals that understand the EU laws, regulations, standards and guidelines.

Objectives

The program has been designed to provide with the skills needed to become a Certified EU Sarbanes-Oxley Expert (CEUSOE).

Target Audience

This course is intended for decision makers, risk and compliance managers, auditors, consultants, and service providers, involved in the design and implementation of risk and compliance related strategies, policies, procedures, risk assessments, control activities, testing, documentation, monitoring and reporting, that:

a. Work for EU and non-EU firms and organizations that are listed in stock exchanges in the European Economic Area (EEA).

b. Work for EU and non-EU firms and organizations that are listed in many stock exchanges around the world, and need enterprise-wide risk and compliance management standards and policies suitable for their multiple listings.

c. Work for EU and non-EU firms and organizations that sell goods and provide services to the citizens of the European Economic Area (EEA).

d. Work in Financial Conglomerates (FC), Financial Holding Companies (FHC), and Mixed Financial Holding Companies (MFHC), selling goods and providing services to the citizens of the European Economic Area (EEA).

e. Service providers, providing services to EU and non-EU firms and organizations that are listed in stock exchanges in the European Economic Area (EEA).

Course Synopsis
Part 1

- Introduction.
- The CEUSOE exam.
- Corporate Scandals in Europe.
- Ahold.
- Parmalat.

Part 2

- The European Union (EU). Key institutions, the EU legislative process, the roles.
- Intergovernmentalism, Supranationalism, Federalism, No “Finalité Politique”.
- EU countries, EEA countries.
- The decision-making institutions.
- 1. The European Commission (Brussels / Luxembourg / Representations across the EU).
- 2. The European Council (Brussels).
- 3. The Council of the European Union (Brussels / Luxembourg).
- 4. The European Parliament (Brussels / Strasbourg / Luxembourg).
- 5. The Court of Justice of the European Union (Luxembourg).
- 6. The European Central Bank (Frankfurt).
- 7. The European Court of Auditors (Luxembourg).
- How does the legislative process work?
- The Lamfalussy Process.

- The European System of Financial Supervision (ESFS).
- The European Systemic Risk Board (ESRB).
- The European Supervisory Authorities (ESAs):
- 1. European Banking Authority (EBA),
- 2. European Insurance and Occupational Pensions Authority (EIOPA),
- 3. European Securities and Markets Authority (ESMA).

- After the Lisbon Treaty.
- Legal acts after the Treaty of Lisbon.
- Delegated acts.
- Implementing acts.
- Regulatory technical standards (RTS).
- Implementing technical standards (ITS).

- Interinstitutional Agreement Between the European Parliament, the Council of the European Union, and the European Commission.
- "The Common Understanding."

- Diplomatic service, defence.
- The European External Action Service.
- Common Foreign and Security Policy (CFSP).
- Common Security and Defence Policy (CSDP).
- The European Cyber Defence Policy Framework (CDPF).
- The Strategic Compass of the European Union.
- The EU Cyber Diplomacy Toolbox.

Part 3

- The Committee of European Auditing Oversight Bodies (CEAOB).
- Rules of procedure of the CEAOB.
- CEAOB, annual reports.

- Before the 8th Company Law Directive.

- Fourth Council Directive 78/660/EEC.
- Seventh Council Directive 83/349/EEC.
- Eighth Council Directive (84/253/EEC).

- The 8th Company Law Directive.
- EU equivalence decisions.
- How is equivalence determined?
- Cooperation with competent authorities from third countries.

- European Parliament, Relations between company supervisory bodies and the management.
- Commission Recommendation of 15 February 2005 on the role of non-executive or supervisory directors.
- Regulation (EU) No 537/2014.
- The Whistleblower Directive.

Part 4

- The European Sarbanes-Oxley for service providers.
- Outsourcing in the European Union.
- EBA Guidelines on outsourcing arrangements.
- Governance of outsourcing arrangements.

- ESMA, Guidelines on outsourcing.
- Guideline 1. Governance, oversight and documentation.
- Guideline 2. Pre-outsourcing analysis and due diligence.
- Guideline 3. Key contractual elements.
- Guideline 4. Information security.
- Guideline 5. Exit strategies.
- Guideline 6. Access and Audit Rights.
- Guideline 7. Sub-outsourcing.
- Guideline 8. Written notification to competent authorities.
- Guideline 9. Supervision of outsourcing arrangements.

- EIOPA, Guidelines on outsourcing.

- New European Directives and Regulations.
- The NIS 2 Directive.
- The Digital Operational Resilience Act (DORA).
- The European Cyber Resilience Act.

Part 5

- What is extraterritoriality?
- Extraterritorial application of EU law.
- What is an adequacy decision?
- Risk and compliance management challenges for firms established in non-EU countries.
- Example: What rules apply if my organisation transfers data outside the EU?

- Concluding remarks.


Become a Certified EU Sarbanes-Oxley Expert (CEUSOE)

We will send the program up to 24 hours after the payment. Please remember to check the spam folder of your email client too, as emails with attachments are often landed in the spam folder.

You have the option to ask for a full refund up to 60 days after the payment. If you do not want one of our programs or services for any reason, all you must do is to send us an email, and we will refund the payment, no questions asked.

Your payment will be received by our strategic partner and service provider, Cyber Risk GmbH (Dammstrasse 16, 8810 Horgen, Switzerland, Handelsregister des Kantons Zürich, Firmennummer: CHE-244.099.341). Cyber Risk GmbH may also send certificates to all members.

The all-inclusive cost is $297. There is no additional cost, now or in the future, for this program.

First option: You can purchase the Certified EU Sarbanes-Oxley Expert (CEUSOE) program with VISA, MASTERCARD, AMEX, Apple Pay, Google Pay etc.
Purchase the CEUSOE program here (VISA, MASTERCARD, AMEX, Apple Pay, Google Pay etc.) Pay




Second option: QR code payment.

i. Open the camera app or the QR app on your phone.

ii. Scan the QR code and possibly wait for a few seconds.

iii. Click on the link that appears, open your browser, and make the payment.



Third option: You can purchase the Certified EU Sarbanes-Oxley Expert (CEUSOE) program with PayPal

When you click "PayPal" below, you will be redirected to the PayPal web site. If you prefer to pay with a card, you can click "Debit or Credit Card" that is also powered by PayPal.

What is included in the program:

A. The official presentations (828 slides).

The presentations are effective and appropriate to study online or offline. Busy professionals have full control over their own learning and are able to study at their own speed. They are able to move faster through areas of the course they feel comfortable with, but slower through those that they need a little more time on.

B. Up to 3 online exam attempts per year.

Candidates must pass only one exam to become CEUSOEs. If they fail, they must study the official presentations and retake the exam. Candidates are entitled to 3 exam attempts every year.

If candidates do not achieve a passing score on the exam the first time, they can retake the exam a second time.

If they do not achieve a passing score the second time, they can retake the exam a third time.

If candidates do not achieve a passing score the third time, they must wait at least one year before retaking the exam. There is no additional cost for any additional exam attempts.

To learn more, you may visit:

https://www.sarbanes-oxley-association.com/Questions_About_The_Certification_And_The_Exams_1.pdf

https://www.sarbanes-oxley-association.com/CEUSOE_Certification_Steps_1.pdf

C. The certificate.

Processing and posting via registered mail with tracking number. Certificates are usually dispatched every 10 weeks.


Frequently Asked Questions
1. I want to know more about the Sarbanes-Oxley Compliance Professionals Association (SOXCPA).

The SOXCPA is the largest association of Sarbanes-Oxley professionals in the world. It is a global community of experts working in risk and compliance management, that explore career avenues, and acquire lifelong skills.

The SOXCPA is wholly owned by Compliance LLC, a company incorporated in Wilmington, NC, and offices in Washington, DC, a provider of risk and compliance training and certification in 57 countries.

Several business units of Compliance LLC are very successful associations that offer standard, premium and lifetime membership, weekly or monthly updates, training, certification, Authorized Certified Trainer (ACT) programs, lobbying that raises awareness on certain problems, interest representation, and other services to their members. The business units of Compliance LLC include:

- The Basel iii Compliance Professionals Association (BiiiCPA), the largest association of Basel iii Professionals in the world. You may visit: https://www.basel-iii-association.com

- The Solvency II Association, the largest association of Solvency II professionals in the world. You may visit: https://www.solvency-ii-association.com

- The International Association of Risk and Compliance Professionals (IARCP). You may visit: https://www.risk-compliance-association.com

The Certified Risk and Compliance Management Professional (CRCMP) certificate, from the IARCP, has become one of the most recognized certificates in risk management and compliance. There are CRCMPs in 57 countries. Companies and organizations around the world consider the CRCMP a preferred certificate.

You can find more about the demand for CRCMPs at: https://www.risk-compliance-association.com/CRCMP_Jobs_Careers.pdf


CRCMP

2. Does the association offer training?

The SOXCPA offers distance learning and online certification programs in most countries, and in-house instructor-led training programs in companies and organizations in many countries.

A. Distance learning and online certification programs.

A1. Certified Sarbanes-Oxley Expert (CSOE).

To learn more, you may visit: https://www.sarbanes-oxley-association.com/Distance_Learning_and_Certification.htm

A2. Certified Japanese Sarbanes-Oxley Expert (CJSOXE).

J-SOX is the unofficial term that refers to Japan’s Financial Instruments and Exchange Law that was promulgated by the Japanese National Diet in June 2006, and to other laws, guidelines, and standards. The Japanese framework is modeled after the U.S. Sarbanes-Oxley Act. To learn more, you may visit: https://www.sarbanes-oxley-association.com/CJSOXE_Distance_Learning_and_Certification.htm

A3. Certified EU Sarbanes-Oxley Expert (CEUSOE).

E-SOX is the unofficial term that refers to the 8th company law directive of the EU, and some other European directives and regulations that collectively achieve the objectives of the Sarbanes-Oxley Act. To learn more, you may visit: https://www.sarbanes-oxley-association.com/CEUSOE_Distance_Learning_and_Certification.htm

B. Instructor-led training.

The association develops and maintains three certification programs and many tailor-made training programs for directors, executive managers, risk and compliance managers, internal and external auditors, data owners, process owners, consultants, suppliers, and service providers.

For instructor-led training, you may contact:

Lyn Spooner, Email: lyn@sarbanes-oxley-association.com

George Lekatis, President of the SOXCPA, Email: lekatis@sarbanes-oxley-association.com

3. Is there any discount available for the distance learning programs?

We do not offer any discount for the first program. We want to keep the cost of the programs so low for all members.

There is no discount for the CSOE program, as the cost is already as low as possible ($147).

You have a $100 discount only after you purchase one of our programs. The discount applies to the second and each additional program.

The most cost-effective way is to start with the Certified Sarbanes-Oxley Expert (CSOE), distance learning and online certification program, which is the most important program of the SOXCPA. The all-inclusive cost is $147.

Then, you have a $100 discount for your second and each additional program. This includes the Certified Japanese Sarbanes-Oxley Expert (CJSOXE), the Certified EU Sarbanes-Oxley Expert (CEUSOE), and each of the programs of the International Association of Risk and Compliance Professionals (IARCP).

When you purchase the Certified Sarbanes-Oxley Expert (CSOE), distance learning and online certification program, at $147, then:

- you can purchase the Certified Japanese Sarbanes-Oxley Expert (CJSOXE), distance learning and online certification program, for $197 (instead of $297),

- you can purchase the Certified EU Sarbanes-Oxley Expert (CEUSOE), distance learning and online certification program, for $197 (instead of $297),

- you can purchase the Certified Risk and Compliance Management Professional (CRCMP), distance learning and online certification program, for $197 (instead of $297),

- you can purchase the Certified Information Systems Risk and Compliance Professional (CISRCP), distance learning and online certification program, for $197 (instead of $297),

- you can purchase the Certified Cyber (Governance Risk and Compliance) Professional - CC(GRC)P, distance learning and online certification program, for $197 (instead of $297),

- you can purchase the Certified Risk and Compliance Management Professional in Insurance and Reinsurance - CRCMP(Re)I, distance learning and online certification program for $197 (instead of $297),

- you can purchase the Travel Security Trained Professional (TSecTPro), distance learning and online certification program for $197 (instead of $297).

Lifetime members can purchase each of the the CSOE, the CEUSOE, and CJSOXE distance learning and online certification programs, at $97.

If you are a lifetime member, or you have already purchased one of our programs, and you want to purchase your next program, please contact Lyn Spooner via email, to receive the URL for the discounter price.

Lyn Spooner, Email: lyn@sarbanes-oxley-association.com

4. Are your training and certification programs vendor neutral?

Yes. We do not promote any products or services, and we are 100% independent.

5. I want to learn more about the exam.

You can take the exam online from your home or office, in all countries.

It is an open book exam. Risk and compliance management is something you must understand and learn, not memorize. You must acquire knowledge and skills, not commit something to memory.

You will be given 90 minutes to complete a 35-question exam. You must score 70% or higher.

The exam contains only questions that have been clearly answered in the official presentations.

All exam questions are multiple-choice, composed of two parts:

a. A stem (a question asked, or an incomplete statement to be completed).

b. Four possible responses.

In multiple-choice questions, you must not look for a correct answer, you must look for the best answer. Cross out all the answers you know are incorrect, then focus on the remaining ones. Which is the best answer? With this approach, you save time, and you greatly increase the likelihood of selecting the correct answer.

TIME LIMIT - This exam has a 90-minute time limit. You must complete this exam within this time limit, otherwise the result will be marked as an unsuccessful attempt.

BACK BUTTON - When taking this exam you are NOT permitted to move backwards to review/change prior answers. Your browser back button will refresh the current page instead of moving backward.

RESTART/RESUME – You CANNOT stop and then resume the exam. If you stop taking this exam by closing your browser, your answers will be lost, and the result will be marked as an unsuccessful attempt.

SKIP - You CANNOT skip answering questions while taking this exam. You must answer all the questions in the order the questions are presented.

We do not send sample questions or past exams. If you study the presentations, you can score 100%.

a. When you are ready to take the CSOE exam, you must follow the steps: https://www.sarbanes-oxley-association.com/CSOE_Certification_Steps_1.pdf

b. When you are ready to take the CJSOXE exam, you must follow the steps: https://www.sarbanes-oxley-association.com/CJSOXE_Certification_Steps_1.pdf

c. When you are ready to take the CEUSOE exam, you must follow the steps: https://www.sarbanes-oxley-association.com/CEUSOE_Certification_Steps_1.pdf

6. How comprehensive are the presentations? Are they just bullet points?

The presentations are not bullet points. They are effective and appropriate to study online or offline.

7. Do I need to buy books to pass the exam?

No. If you study the presentations, you can pass the exam. All the exam questions are clearly answered in the presentations. If you fail the first time, you must study more. Print the presentations and use Post-it to attach notes, to know where to find the answer to a question.

8. Is it an open book exam? Why?

Yes, it is an open book exam. Risk and compliance management is something you must understand and learn, not memorize. You must acquire knowledge and skills, not commit something to memory.

9. Do I have to take the exam soon after receiving the presentations?

No. You can take the exam any time. Your account never expires.

10. Do I have to spend more money in the future to remain certified?

No. Your certificate never expires. It will be valid, without the need to spend money or to take another exam in the future.

11. Ok, the certificate never expires, but things change.

Recertification would be a great recurring revenue stream for the association, but it would also be a recurring expense for our members. We resisted the temptation to "introduce multiple recurring revenue streams to keep business flowing", as we were consulted. No recertification is needed for our programs.

Things change, and this is the reason you need to become (at no cost) a member of the association. Every month you can visit the "Reading Room" of the association and read our newsletter with updates, alerts, and opportunities, to stay current.

12. How many hours do I need to study to pass the exam?

You must study the presentations at least twice, to ensure you have learned the details. The average time needed is:

- 29 hours for the CSOE program,

- 32 hours for the CJSOXE program,

- 38 hours for the CEUSOE program.

This is the average time needed. There are important differences among members.

13. I want to receive another printed and stamped certificate (I lost the one sent, or for other reasons). Can you send me another one?

Every time we send certificates via registered mail with tracking number, we also send all tracking numbers via email. Please track your certificate and ensure you or somebody else can receive it. If there is any problem in the process, please let us know. If we do not receive an email up to 90 days after the day we sent the tracking numbers, indicating that your certificate was not delivered, we will mark the certificate as delivered.

The cost of each additional printed and stamped certificate is $65. It includes the administration, processing and posting via registered mail with tracking number (not courier). Certificates are usually dispatched every 10-12 weeks. We accept payment with cards, QR, and PayPal.

14. Why should I get certified, and why should I choose your certification programs?

Firms and organizations hire and promote “fit and proper” professionals who can provide evidence that they are qualified. Employers need assurance that employees have the knowledge and skills needed to mitigate risks and accept responsibility. Supervisors and auditors ask for independent evidence that the process owners are qualified, and that the controls can operate as designed, because the persons responsible for these controls have the necessary knowledge and experience.

The marketplace is clearly demanding qualified professionals in risk and compliance management. Certified professionals enjoy industry recognition and have more and better job opportunities. It is important to get certified and to belong to professional associations. You prove that you are somebody who cares, learns, and belongs to a global community of professionals.

The Sarbanes-Oxley Compliance Professionals Association (SOXCPA) is the largest association of Sarbanes-Oxley professionals in the world.

The all-inclusive cost of our programs is very low. There is no additional cost for each program, now or in the future, for any reason.

If you purchase a second program, you have a $100 discount. The all-inclusive cost for your second (and each additional) program is $197.

There are 3 exam attempts per year that are included in the cost of each program, so you do not have to spend money again if you fail.

No recertification is required. Your certificates never expire.